• Save
The Future of Cyber Security
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

The Future of Cyber Security

  • 6,260 views
Uploaded on

This presentation, provided by TEC CYBER, is dedicated to exploring what the field of Cyber Security may look in the year 2021.

This presentation, provided by TEC CYBER, is dedicated to exploring what the field of Cyber Security may look in the year 2021.

More in: Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • thanks
    for support...
    Are you sure you want to
    Your message goes here
  • sir, I want to upto ppt please, send me this
    E-mail :- ptlbhavin@ymail.com
    thanx...
    Are you sure you want to
    Your message goes here
  • i can,t download . can you be kind to send me the ppt... as soon as posible. its urgent
    thx
    Are you sure you want to
    Your message goes here
  • @Moumou26 : hav u get this ppt.
    Are you sure you want to
    Your message goes here
  • can you send this ppt to velmurugan.vmk007@gmail.com mail id.Because i can't download this ppt.
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
6,260
On Slideshare
5,902
From Embeds
358
Number of Embeds
10

Actions

Shares
Downloads
0
Comments
7
Likes
27

Embeds 358

http://itknowledgeexchange.techtarget.com 145
http://unjobs.org 116
http://cyber.inonesite.com 31
http://www.perspagina.nl 25
http://tec-cyber.com 15
http://semantech-inc.com 9
http://jules-demo.blogspot.com 9
http://www.tec-cyber.com 5
http://users.unjobs.org 2
http://sn145w.snt145.mail.live.com 1

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1.  
  • 2. Introduction
    • This presentation is dedicated to envisioning what Cyber Security in 2021 will look like.
    • That vision includes the Cyber Security threat landscape, the technologies which may be employed as well as the practice approaches which may be applied by security professionals.
    • These represent near-term predictions and are based upon current trends and several logical evolutionary patterns.
    • The goal of this presentation is to better anticipate future challenges in order to help solve them.
    Copyright 2011, All Rights Reserved – Teksouth Corporation
  • 3. Copyright 2011, All Rights Reserved – Teksouth Corporation Our old preconceptions about IT Security & its relationship with modern society are melting away rapidly…
  • 4. The Hype Copyright 2011, All Rights Reserved – Teksouth Corporation
    • The fear of Cyber Threats has so far surpassed the reality of Cyber Security failures. Popular culture has introduced us to “ Zero Day ,” but it hasn’t happened yet – that’s a good thing.
    • This situation will reverse over the next ten years. It only requires one catastrophic failure to illustrate the full potential of Cyber threats. It is increasingly likely that we will experience this sometime soon.
    • The chief candidates for a catastrophic failure are world financial markets, military command and control systems and critical infrastructure systems.
  • 5. Copyright 2011, All Rights Reserved – Teksouth Corporation Sometimes the Hype can get in the way of more serious discussions. Those discussions are necessary though…
  • 6. The Reality Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Modern Warfare as we know it has already become intertwined with Cyber Security capability.
    • Guerilla Warfare & Terrorism are following suit.
    • Organized crime has shifted more and more towards integration of Cyber crime operations with traditional endeavors.
    • All aspects of political action are now adopting cyber capabilities. Uprisings, protests even revolutions are now intimately linked to internet technology.
    • These trends have us pointed onto a collision course of interests and destructive capabilities. It is no longer a matter of “if,” but “when.”
  • 7. Copyright 2011, All Rights Reserved – Teksouth Corporation Nearly every major component of the automobile was well-defined by the early part of the 20 th Century. We didn’t realize how the car would transform society until later that century…
  • 8. About Predictions Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Prediction is both an art and a science. Ours are based on several key elements:
        • Our years of experience in this field.
        • Involvement in transformation-focused projects where definition of future practice was part of our mandate (e.g. we were asked to build solutions while defining the anticipated future problem space 1 to 5 years out).
        • Examination of past and current IT trends.
        • Examination of emerging technologies and assessment of how those may impact trends.
  • 9. Logical Evolution Copyright 2011, All Rights Reserved – Teksouth Corporation
    • A critical part of any predictive exercise is the ability to identify and apply “ Logical Evolution ” to a particular topic area.
    • Logical Evolution is a dialectic process wherein subject matter experts work to identify specific elements, features or requirements which represent both the desired & likely near-term evolution of a product, service or arena.
    • This is usually a bottom up process wherein features are identified across a variety specific applications and later reviewed for possible synergistic impacts.
  • 10. Section 1: Our Predictions Copyright 2011, All Rights Reserved – Teksouth Corporation
  • 11. Our Scope Copyright 2011, All Rights Reserved – Teksouth Corporation
    • The scope of this exploration will be focused across three areas:
      • An examination of the technologies which are likely to impact Cyber Security.
      • The nature of Cyber Security Threats.
      • The nature of Cyber Security Practice.
  • 12. Cyber Technology Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Cyber Security is a technology-driven field. Understanding which new technologies may disrupt or change Cyber Security practice is vital in making accurate predictions.
    • We predict significant Cyber impacts resulting from the following emerging technologies:
      • Converged Mobile
      • Quantum Computing
      • Cloud Computing
      • Predictive Semantics
      • Behavioral Identity
      • Dynamic Networks
  • 13. Converged Mobile Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Until recently, mobile computing and wireless networks were often viewed somewhat separately from core networks and primary computing platforms / domains.
    • That’s changing and it will continue to merge until there is nothing to distinguish management of the physical and the virtual enterprise.
    • This becomes even more interesting considering that much of what will be managed on both mobile and fixed infrastructures will also be dependent on third party Cloud platforms. For this convergence to succeed, security as we know it must change .
  • 14. Quantum Computing Copyright 2011, All Rights Reserved – Teksouth Corporation
    • For many years both computing speed as well as data depth have been increasing. This increase while steep has not been exponential. It has taken 40 years to get where we are now.
    • In the next ten years we will experience exponential growth in computing speed and data depth. Much of this will be due to the introduction of Quantum computing.
    • Quantum computing will allow for an instant doubling in computing power – one of the impacts of this will be the eventual obsolescence of tradition encryption approaches…
  • 15. Quantum Computing Copyright 2011, All Rights Reserved – Teksouth Corporation Quantum Computing may not lead to Artificial Intelligence, but it doesn’t have to. Increased Velocity is a game changer all by itself.
  • 16. Cloud Computing Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Contrary to popular belief, most of what we know as Cloud Computing isn’t new.
    • What is new is how the elements which comprise it; Application Hosting, Virtualization, SOA are being harnessed in tandem.
    • Cloud Computing introduces significant new Security hurdles which have not yet been worked through.
    • More importantly, Cloud Computing illustrates the need to apply holistic lifecycle management & enterprise integration to Cyber Security.
  • 17. Cloud Computing Copyright 2011, All Rights Reserved – Teksouth Corporation
    • IaaS:
      • Networks, Security, Mainframes, Servers, Storage
      • Telecom Carrier Services
      • IT Facilities/Hosting Services
    • PaaS:
      • Application Development, Data, Workflow, etc.
      • Security Services (Single Sign-On, Authentication, etc.)
      • Database Management
      • Directory Services
    • SaaS:
      • Gov-Apps, Internet Services
      • Blogging/Surveys/Twitter, Social Networking
      • Information/Knowledge Sharing (Wiki)
      • Communication (e-mail), Collaboration (e-meeting)
      • Productivity Tools (office)
      • Enterprise Resource Planning (ERP)
  • 18. Predictive Semantics Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Semantic Technology is one of the least understood and most powerful emerging trends in IT. Even fewer have made the connection between Semantic Technology and Cyber Security.
    • However these capabilities were made for one another. Semantic Tech gives us new ways to integrate and interpret data. This will become especially important in the next generation of predictive & visual analytics.
    • This will express itself through the merging of biometrics, identity management and network behaviors (and the ability to visualize complex patterns).
  • 19. Predictive Semantics Copyright 2011, All Rights Reserved – Teksouth Corporation
  • 20. Behavioral Identity Copyright 2011, All Rights Reserved – Teksouth Corporation
    • One of the most important advances in the next decade will be the evolution in thinking about what identity represents.
    • Today, Identity is either a credential, a biometric marker or both. As we all know in real life identity is more complex than that – moreover it is also sometimes dynamic. People change and often those changes occur outside the context of any trusted identity management solution.
    • In 2021, Identity will be evaluated by dozens of variables as well as through real-time behavior.
  • 21. Dynamic Networks Copyright 2011, All Rights Reserved – Teksouth Corporation
    • What if you could redefine networks at will? What if you could change addresses, domain names, encryption protocols, security strategy as often as needed to thwart attacks?
    • Dynamic Networks do this. A Dynamic Network takes us from being a fixed target to moving target – this represents a sea change in how Cyber Security defends critical assets.
    • Dynamic Networks represent the next generation of network management. They don’t just enhance security – Dynamic networks will support higher levels of automation, self repair & performance
  • 22. Cyber Security Threats Copyright 2011, All Rights Reserved – Teksouth Corporation The Nature of Cyber Threats will evolve as rapidly as emerging technologies. A new generation has now had time to re-envision the rules – Cyber Threats have matured and now will move towards ever greater sophistication.
  • 23. The Dynamic Perimeter Copyright 2011, All Rights Reserved – Teksouth Corporation
    • One of the major realizations that has already begun to transform IT is the idea that network barriers are relatively ineffective.
    • Insider threats, inside the firewall penetration, IP tunneling, management of mobile tech & edge devices and cloud infrastructures all point to the fact the barriers we thought were solid are in fact porous.
    • Once that realization is fully acknowledged – it leads logically to a more comprehensive view of security and security practice. The most important aspect of Threat Management in 2021 will be the coordination of Threats across all types of attacks and all types of infrastructure.
  • 24. Copyright 2011, All Rights Reserved – Teksouth Corporation
  • 25. Threat Management Copyright 2011, All Rights Reserved – Teksouth Corporation
    • It’s Analytical – Threats must be both defined and identified and later – recognized when they occur.
    • It’s Operational – Threat Management is an active component of every security architecture already – anti-virus software and firewalls have massive data stores of threat related information which they apply. The sources and exploitation of Threat data continues to grow constantly.
    • It’s Part of a Larger Lifecycle – Viewing threats outside of either the attack lifecycle or the defense solution lifecycle will provide an incomplete view.
    • It’s both Strategic & Tactical – And it must be linked…
  • 26. Copyright 2011, All Rights Reserved – Teksouth Corporation Threats aren’t properly understood until after they are manifested. This places us at an immediate disadvantage and tends to force us to play catch up.
  • 27. Threat Patterns Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Cyber Security shares a similar problem with the rest of information technology – information overload .
    • There is already too much information for operators to analyze rapidly, thus the practice of Forensics involves serious time delays in providing relevant information – and most of it isn’t actionable.
    • The key to managing threats is understanding them – the key to understanding them is to find a way to map them against specific behaviors or events. The activities which help provide this definition and mapping represents the core of Threat Management.
  • 28. Threat Predictions Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Prediction 1 – Denial of Service (DoS) will disappear as a mainstream threat by 2021. It will exist only as part of larger coordinated attacks.
    • Prediction 2 – Cyber activism will become more prevalent; this will throw us headlong into controversy regarding free speech versus security.
    • Prediction 3 – The world’s first entirely Cyber War will be fought by or before 2021. It will likely be undeclared and referred to as something else.
    • Prediction 4 – By 2021, $5 to 10 trillion dollars will have been lost due to Cyber crime.
    • Prediction 5 – Despite remarkable efforts and expense to secure global infrastructures; they will remain vulnerable. Cyber adversaries retain their lead…
  • 29. Cyber Practice Copyright 2011, All Rights Reserved – Teksouth Corporation The scope of what Cyber Security is as a practice or career field is still in flux. This will remain the case for the next five years at least. By 2021 it will be well defined but won’t resemble what we’re doing now at all…
  • 30. Multi- Dimensional Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Stovepipes and Cyber Security don’t mix. You cannot secure just a portion of your enterprise and have a secure infrastructure. The weakest link determines your posture, period.
    • Today’s information security professionals are overly-specialized with few if any dedicated to putting all the puzzle pieces back together again.
    • By 2021, a new breed of experts with knowledge in depth across multiple domains will be commonplace. More importantly, these new Cyber professionals will be trained to solve cross domain crises and problems. New tools will assist them.
  • 31. Copyright 2011, All Rights Reserved – Teksouth Corporation Cyber Architecture will become a major career path, practice approach for all of IT.
  • 32. Cyber Architecture Copyright 2011, All Rights Reserved – Teksouth Corporation
    • What is Cyber Architecture? It is an overlay across organizations or groups of organizations. It also overlays all other aspects of information / technical architecture.
    • By 2021, Cyber Architecture will have replaced Enterprise Architecture as the most prevalent approach to IT design & management.
    • The reason why is simple – Cyber Architecture has an immediate and lifecycle long performance constraint (security) and also allows us to mitigate any or all enterprise issues in a shared context.
  • 33. Holistic Lifecycle Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Over the past decade, the IT industry has come to appreciate the power of Lifecycle Management. However we still haven’t fully harnessed it or integrated into the rest of IT practice.
    • Cyber Security will be the motivating mechanism which allows us to move towards full adoption of Lifecycle Management. This will occur because the motivation is shifting from operational efficiencies to solution survivability.
    • This includes both the development & sustainment lifecycle and the ability to link any number of external Lifecycles together.
  • 34. Copyright 2011, All Rights Reserved – Teksouth Corporation The most valuable skills for a Cyber Security career in 2021 will not be a focus in any specific technology, but rather a analytical mindset and problem solving focus…
  • 35. Practice Predictions Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Prediction 1 – The term and career field known as “Information Assurance” will be replaced by “Cyber Assurance.”
    • Prediction 2 – Intrusion Detection, Firewalls, Routers and other security hardware devices deployed to perimeters will merge and support unified policy management.
    • Prediction 3 – Social Engineering strategies will become fully integrated w/ Cyber Security practice.
    • Prediction 4 – More work will be done collaboratively as the enterprise becomes extended & more virtual.
    • Prediction 5 – Certification & Accreditation as we know it will disappear and be replaced by near-real time and real-time validation & monitoring.
  • 36. Copyright 2011, All Rights Reserved – Teksouth Corporation Section 2: A New Lexicon
  • 37. A New Lexicon Copyright 2011, All Rights Reserved – Teksouth Corporation
    • One of the most exciting aspects of being involved in any new field is helping define its parameters and the language used to describe it.
    • Cyber Security is no exception and over the next 10 years we can expect many new terms to be introduced to its Lexicon.
    • The following slides present some of the terms we believe are likely to become important within this arena. While a few are already in use, most have not been introduced yet.
  • 38. Copyright 2011, All Rights Reserved – Teksouth Corporation If you can’t describe something properly; how can you react to it or exploit it ? Words do make a difference.
  • 39. Collective Intelligence Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Collective Intelligence represents the ability to merge multiple analytical nodes and collaborative groups together in order to solve specific challenges or threats.
    • It is by nature an enterprise integration between existing solutions rather than a fully vertical solution in itself.
    • Collective Intelligence is community driven and can harness or examine both structured and unstructured data sources.
  • 40. Behavioral Identity Copyright 2011, All Rights Reserved – Teksouth Corporation
    • The surest way to know if an identity has been compromised is to determine if the user is behaving differently than before or perhaps behaving differently than the expectations for behavior within the organization.
    • Ordinary software or network credentials and security systems cannot assess this.
    • Behavioral Identity will come to signify both a series of technology solutions as well as the practice approaches or patterns used to manage those systems.
  • 41. Zombification Copyright 2011, All Rights Reserved – Teksouth Corporation Zombification is the ability to convert healthy or safe user IDs into attack vectors. This type of breach is associated with destruction as opposed to theft or disruption.
  • 42. Cyber Assurance Copyright 2011, All Rights Reserved – Teksouth Corporation
    • Cyber Assurance encompasses all practices and all segments of all architectures. It is both technology and process.
    • Cyber Assurance is also focused on the actual mission of the organization and not just security of the systems that happen to facilitate the mission.
    • This term can be summed up by asking one question; is your organization secure – if so explain why and how ?
  • 43. Dynamic Networks Copyright 2011, All Rights Reserved – Teksouth Corporation
    • We introduced this concept earlier, but we’d like to elaborate, Dynamic Networks have three primary characteristics:
        • Re-Configurability – The ability to redefine the entire network in a brief period of time.
        • Collective Oversight – the ability to plug into a larger more static oversight group instantly.
        • Self-Healing – The ability to repair damage / correct issues w/o intervention.
  • 44. Cyber Fracking Copyright 2011, All Rights Reserved – Teksouth Corporation
    • No, it’s not part of Battlestar Gallactica but rather a reference to drilling practice known as “Hydraulic Fracturing.”
    • The physical process involves injection of water & chemicals under extreme pressure to fracture rocks in order to reach oil or gas reserves.
    • In Cyber Security, this represents a brute force or sustained assault on multiple access mechanisms not in order to overwhelm servers (e.g. DDoS) but in order to breach security.
  • 45. Copyright 2011, All Rights Reserved – Teksouth Corporation Section 3: About Teksouth & TEC CYBER
  • 46. We are Teksouth
    • Teksouth Corporation is a Small Business (with approximately 135 employees across the US) with 25 years of experience providing cutting-edge data solutions to both corporate and government clients.
    • Teksouth has focused on providing Data Warehouse / BI solutions that support both Logistics, Financial and Healthcare operations.
    • Teksouth has deployed one of the DoD’s single most successful comprehensive Data Warehouse / BI solutions – CRIS. This was done at a fraction of the cost of all contemporary solutions. We are Systems Integrators.
    Copyright 2011, All Rights Reserved – Teksouth Corporation
  • 47. The TEC Practice Family Copyright 2011, All Rights Reserved – Teksouth Corporation
  • 48. Our Vision Copyright 2011, All Rights Reserved – Teksouth Corporation
    • The TEC is mission-focused, yet technology driven. We understand that the relationship between technology & capability has never been closer and that it will continue to deepen as the pace of change increases.
    • The TEC was created to solve problems and to provide a mechanism to help large enterprises facilitate complex transformations.
    • The TEC applies nearly thirty years of Teksouth experience with systems engineering & development to the latest technologies…
  • 49. TEC CYBER Copyright 2011, All Rights Reserved – Teksouth Corporation
    • TEC CYBER offers comprehensive solutions and capabilities in seven primary categories, each representing a crucial stage in our solution approach:
        • Foundation [Strategy & Semantics]
        • Architect [Design]
        • Assure [Operations]
        • Aware [Analytics]
        • Validate [Compliance]
        • Collaborate [Real-time Integration]
        • Intelligence [Inference, Pattern Recognition]
    • The true power of our offerings is their ability to support integration and Cyber Security management within a single, holistic Lifecycle.
  • 50. Conclusion Copyright 2011, All Rights Reserved – Teksouth Corporation
    • We hope you’ve enjoyed this presentation. Our goal was to highlight key areas and provide an overview of the direction things are headed.
    • As with all predictions, these may or may not be realized, but as you’ve no doubt gathered by now – in today’s world all of us must to some extent become predictive wizards in order to make any plans beyond the upcoming year.
    • Things are changing quickly and it is far better to think ahead then to be left behind…
  • 51. TEC Contact Information
    • Thank You…
    • Check us out at:
    • http://www.teksouth-tec.com/
    • http://www.teksouth.com
    Copyright 2011, All Rights Reserved – Teksouth Corporation